Configuring Microsoft 365 accounts
Before you can scan email in Microsoft 365 mailboxes, you must connect to Microsoft 365.
Adding your Microsoft 365 account in FortiMail requires that you provide your Tenant ID, Application ID, and Application Secret.
When acquiring the Tenant ID and Application ID from MS365, you must also grant consent permissions for the admin.
Add the following permissions for the admin in MS365:
- User.Read.All
- Mail.ReadWrite
- Mail.Send
- GroupMember.Read.All
Note that User.Read is added by default.
To create an Microsoft 365 account
- Go to View > Microsoft 365 View.
- Go to System > Account > Account.
- Click New.
- Enter the Tenant ID, Application ID, Application Secret, and a Description.
-
Select a regional Service Endpoint appropriate to your geographical location.
-
Optionally, click New under User Filter Setting to configure user filter settings.
- When finished configuring the account, click Create.
You receive log on credentials when you create the custom application on Microsoft Azure. For details, see the Azure documentation.
Enable Status, select the appropriate user Type, and specify additional options depending upon the filter type selected, then click Create.
If successful, the account will appear in the account list and FortiMail is connected to Microsoft 365.
Click View User List to view the following email user information under the selected Microsoft 365 account:
-
Status: Displays whether the user is subscribed or not.
-
Email: User names of the email users on the Microsoft 365 account.
-
Expiry Date: Subscription expiry date and time to notifications of the user's real-time email.